SoheilKhodayari / TheThing

Related projects ⓘ

Alternatives and complementary repositories for TheThing

• SoheilKhodayari / DOMClobbering
  DOM Clobbering Wiki, Browser Testing, and Payload Generation
  ☆43Updated last week
• terjanq / same-origin-xss
  Same Origin XSS challenge
  ☆56Updated 2 years ago
• Philesiv / XSLeaker
  Searcher for cross-site leaks (XS-Leaks)
  ☆81Updated last year
• KTH-LangSec / silent-spring
  Silent Spring: Prototype Pollution Leads to Remote Code Execution in Node.js
  ☆56Updated 10 months ago
• msrkp / MXSS
  Awesome MXSS ??
  ☆45Updated last month
• ambionics / lightyear
  lightyear is a tool to dump files in tedious (blind) conditions using PHP filters
  ☆59Updated 2 weeks ago
• SoheilKhodayari / JAW
  JAW: A Graph-based Security Analysis Framework for Client-side JavaScript
  ☆99Updated last week
• KTH-LangSec / server-side-prototype-pollution
  A collection of Server-Side Prototype Pollution gadgets and exploits
  ☆133Updated 2 months ago
• BlackFan / cspp-tools
  Client-Side Prototype Pollution Tools
  ☆84Updated 3 years ago
• GitHubSecurityLab / ruby-unsafe-deserialization
  Proof of Concepts for unsafe deserialization in Ruby
  ☆14Updated last month
• bahruzjabiyev / frameshifter
  Grammar-based HTTP/2 fuzzer with mutation ability
  ☆42Updated 2 years ago
• SonarSource / argument-injection-vectors
  A curated list of argument injection vectors
  ☆37Updated 2 months ago
• usdAG / slipit
  Utility for creating ZipSlip archives
  ☆67Updated last year
• garlic0x1 / php-analyzer
  Simple taint analyzer for PHP/WordPress using VKCOM/php-parser
  ☆18Updated 2 years ago
• shhnjk / cursed_types
  List of Trusted Types bypasses
  ☆86Updated 7 months ago
• TheGrandPew / Sanity
  ☆15Updated 3 years ago
• p4k03n4t0r / http-request-smuggling
  Blog about HTTP Request Smuggling, including a demo application.
  ☆23Updated 2 years ago
• intruder-io / rebind-server
  A web server designed to shut off on command to exploit DNS rebinding in Chromium-based browsers
  ☆11Updated last year
• dillonfranke / protoburp
  Encode and Fuzz Custom Protobuf Messages in Burp Suite
  ☆30Updated last year
• SecuraBV / jws2pubkey
  jws2pubkey tool
  ☆37Updated 5 months ago
• testable-eu / sast-testability-patterns
  Testability Pattern Catalogs for SAST
  ☆29Updated 8 months ago
• elttam / rsu-cracker
  ☆31Updated last year
• fransr / hot-jar-swapping-urlclassloader
  Demo of the URLClassLoader JAR-swapping showing the ability to replace and exploit an already loaded JAR with inner classes
  ☆30Updated last year
• defparam / haptyc
  ☆92Updated 3 years ago
• aszx87410 / cdnjs-prototype-pollution
  Find all libraries on cdn.js that pollute your prototype
  ☆19Updated 2 years ago
• doyensec / protoburp
  Updated version of the ProtoBurp Extension, with enhanced features and capabilities to encode and fuzz custom protobuf messages
  ☆36Updated last year
• neex / ghostinthepdf
  ☆158Updated 3 years ago
• ambionics / scalpel
  Scalpel is a Burp extension for intercepting and rewriting HTTP traffic, either on the fly or in the Repeater using Python 3 scripts.
  ☆52Updated 5 months ago
• PortSwigger / splitting-the-email-atom
  ☆65Updated last month
• RUB-NDS / xsinator.com
  XS-Leak Browser Test Suite
  ☆73Updated 11 months ago